
Commit 1e17f49

authored
Version update 1.8.4 (#504)
* Version update 1.8.4 * [~] close ping frame attack protection in default case * [~] fix lack of parameters * [~] fix lack of .lds * [=] fix cmake version requirement
1 parent aef684c commit 1e17f49

35 files changed

+914
-226
lines changed

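--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,6 +1,6 @@
 # Copyright (c) 2022, Alibaba Group Holding Limited
 
-cmake_minimum_required (VERSION 2.6)
+cmake_minimum_required (VERSION 3.5)
 project (xquic)
 
 set (xquic_VERSION_MAJOR 0)
@@ -19,6 +19,7 @@ option (XQC_ENABLE_FEC "enable fec" OFF)
 option (XQC_ENABLE_XOR "enable fec scheme xor" OFF)
 option (XQC_ENABLE_RSC "enable fec scheme reed-solomon code" OFF)
 option (XQC_ENABLE_PKM "enable fec scheme packet mask" OFF)
+option (XQC_PING_ATTACK_PROTECT "enable ping attack protection" OFF)
 
 if(NOT CMAKE_BUILD_TYPE)
 set(CMAKE_BUILD_TYPE Release)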
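Review bot: `XQC_PING_ATTACK_PROTECT` is introduced as OFF, so a default build carries no PING-frame attack protection, and the help string `"enable ping attack protection"` does not tell a packager that this is a hardening switch they are expected to turn on. I would spell that out in the help text, for example `option (XQC_PING_ATTACK_PROTECT "enable ping attack protection (off by default; recommended for servers reachable by untrusted peers)" OFF)`. How the option is turned into a compile definition is not visible in this hunk, so that wiring should be checked as well.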

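--- a/cmake/CMakeLists.txt
+++ b/cmake/CMakeLists.txt
@@ -1,6 +1,6 @@
 # Copyright (c) 2022, Alibaba Group Holding Limited
 
-cmake_minimum_required (VERSION 2.6)
+cmake_minimum_required (VERSION 3.5)
 project (xquic)
 
 set (xquic_VERSION_MAJOR 0)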

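--- a/demo/demo_client.c
+++ b/demo/demo_client.c
@@ -207,6 +207,12 @@ typedef struct xqc_demo_cli_quic_config_s {
 int recreate_path;
 int close_path_id;
 
+int use_x25519;
+
+xqc_msec_t path0_rebind_time;
+xqc_msec_t path1_rebind_time;
+uint8_t read_old_sockets;
+
 } xqc_demo_cli_quic_config_t;
 
 
@@ -1378,16 +1384,22 @@ xqc_demo_cli_socket_read_handler(xqc_demo_cli_user_conn_t *user_conn, int fd)
 {
 user_path = &user_conn->paths[i];
 }
+
+if (user_conn->paths[i].is_active
+&& user_conn->paths[i].rebind_fd == fd)
+{
+user_path = &user_conn->paths[i];
+}
+
 }
 
 if (user_path == NULL) {
 return;
 }
 
-// printf("socket read: path%"PRIu64" fd:%d\n", user_path->path_id, user_path->fd);
 
 do {
-recv_size = recvfrom(user_path->fd, packet_buf, sizeof(packet_buf), 0,
+recv_size = recvfrom(fd, packet_buf, sizeof(packet_buf), 0,
 (struct sockaddr *)&addr, &addr_len);
 if (recv_size < 0 && get_sys_errno() == EAGAIN) {
 break;
@@ -1398,7 +1410,7 @@ xqc_demo_cli_socket_read_handler(xqc_demo_cli_user_conn_t *user_conn, int fd)
 }
 
 user_path->local_addrlen = sizeof(struct sockaddr_in6);
-xqc_int_t ret = getsockname(user_path->fd, (struct sockaddr*)&user_path->local_addr,
+xqc_int_t ret = getsockname(fd, (struct sockaddr*)&user_path->local_addr,
 &user_path->local_addrlen);
 if (ret != 0) {
 printf("getsockname error, errno: %d\n", get_sys_errno());
@@ -1578,11 +1590,13 @@ xqc_demo_cli_rebind_path0(int fd, short what, void *arg)
 // change fd
 int temp = user_conn->paths[0].fd;
 user_conn->paths[0].fd = user_conn->paths[0].rebind_fd;
-user_conn->paths[0].rebind_fd = user_conn->paths[0].fd;
+user_conn->paths[0].rebind_fd = temp;
 
 //stop read from the old socket
-event_del(user_conn->paths[0].ev_socket);
-user_conn->paths[0].ev_socket = NULL;
+if (!user_conn->ctx->args->quic_cfg.read_old_sockets) {
+event_del(user_conn->paths[0].ev_socket);
+user_conn->paths[0].ev_socket = NULL;
+}
 
 xqc_h3_conn_send_ping(user_conn->ctx->engine, &user_conn->cid, NULL);
 }
@@ -1596,10 +1610,12 @@ xqc_demo_cli_rebind_path1(int fd, short what, void *arg)
 // change fd
 int temp = user_conn->paths[1].fd;
 user_conn->paths[1].fd = user_conn->paths[1].rebind_fd;
-user_conn->paths[1].rebind_fd = user_conn->paths[1].fd;
+user_conn->paths[1].rebind_fd = temp;
 
-event_del(user_conn->paths[1].ev_socket);
-user_conn->paths[1].ev_socket = NULL;
+if (!user_conn->ctx->args->quic_cfg.read_old_sockets) {
+event_del(user_conn->paths[1].ev_socket);
+user_conn->paths[1].ev_socket = NULL;
+}
 
 xqc_h3_conn_send_ping(user_conn->ctx->engine, &user_conn->cid, NULL);
 }
@@ -1661,6 +1677,10 @@ xqc_demo_cli_init_conn_ssl_config(xqc_conn_ssl_config_t *conn_ssl_config,
 conn_ssl_config->transport_parameter_data = args->quic_cfg.tp;
 conn_ssl_config->transport_parameter_data_len = args->quic_cfg.tp_len;
 }
+
+if (args->quic_cfg.use_x25519) {
+conn_ssl_config->tls_groups = XQC_TLS_GROUP_X25519_FIRST;
+}
 }
 
 void
@@ -1765,6 +1785,7 @@ xqc_demo_cli_init_args(xqc_demo_cli_client_args_t *args)
 args->quic_cfg.close_path_id = 1;
 args->quic_cfg.backup_path_id = 1;
 args->quic_cfg.quic_version = XQC_VERSION_V1;
+args->quic_cfg.use_x25519 = 0;
 
 args->req_cfg.throttled_req = -1;
 
@@ -1919,23 +1940,25 @@ xqc_demo_cli_usage(int argc, char *argv[])
 " -B Set initial path standby after recvd first application data, and set initial path available after X ms\n"
 " -I Idle interval between requests (ms)\n"
 " -n Throttling the {1,2,...}xn-th requests\n"
-" -e NAT rebinding on path 0\n"
-" -E NAT rebinding on path 1\n"
+" -e NAT rebinding on path 0 after x ms\n"
+" -E NAT rebinding on path 1 after x ms\n"
+" -O Also read packets from old sockets after rebinding\n"
 " -F MTU size (default: 1200)\n"
 " -G Google connection options (e.g. CBBR,TBBR)\n"
 " -x Extend the number of requests to X\n"
 " -r Send X requests per batch\n"
 " -y cid rotation after x ms\n"
 " -Y cid retirement after x ms\n"
 " -f max path id\n"
+" -5 use X25519 group as the first choice\n"
 , prog);
 }
 
 void
 xqc_demo_cli_parse_args(int argc, char *argv[], xqc_demo_cli_client_args_t *args)
 {
 int ch = 0;
-while ((ch = getopt(argc, argv, "a:p:c:Ct:S:0m:A:D:l:L:k:K:U:u:dMoi:w:Ps:b:Z:NQT:R:V:B:I:n:eEF:G:r:x:y:Y:f:z:q6")) != -1) {
+while ((ch = getopt(argc, argv, "a:p:c:Ct:S:0m:A:D:l:L:k:K:U:u:dMoi:w:Ps:b:Z:NQT:R:V:B:I:n:e:E:F:G:r:x:y:Y:f:z:q65O")) != -1) {
 switch (ch) {
 /* server ip */
 case '6':
@@ -2184,12 +2207,19 @@ xqc_demo_cli_parse_args(int argc, char *argv[], xqc_demo_cli_client_args_t *args
 case 'e':
 printf("option rebinding path0 after 2s\n");
 args->net_cfg.rebind_p0 = 1;
+args->quic_cfg.path0_rebind_time = atoi(optarg);
 break;
 
 case 'E':
 printf("option rebinding path1 after 3s\n");
 args->net_cfg.rebind_p1 = 1;
-break;
+args->quic_cfg.path1_rebind_time = atoi(optarg);
+break;
+
+case 'O':
+printf("also read from old sockets after rebinding\n");
+args->quic_cfg.read_old_sockets = 1;
+break;
 
 case 'F':
 printf("MTU size: %s\n", optarg);
@@ -2216,6 +2246,11 @@ xqc_demo_cli_parse_args(int argc, char *argv[], xqc_demo_cli_client_args_t *args
 args->quic_cfg.init_max_path_id = atoi(optarg);
 break;
 
+case '5':
+printf("use x25519\n");
+args->quic_cfg.use_x25519 = 1;
+break;
+
 default:
 printf("other option :%c\n", ch);
 xqc_demo_cli_usage(argc, argv);
@@ -2730,8 +2765,8 @@ xqc_demo_cli_start(xqc_demo_cli_user_conn_t *user_conn, xqc_demo_cli_client_args
 xqc_demo_cli_rebind_path0,
 user_conn);
 struct timeval tv = {
-.tv_sec = 2,
-.tv_usec = 0,
+.tv_sec = args->quic_cfg.path0_rebind_time / 1000,
+.tv_usec = (args->quic_cfg.path0_rebind_time % 1000) * 1000,
 };
 event_add(user_conn->ev_rebinding_p0, &tv);
 }
@@ -2741,8 +2776,8 @@ xqc_demo_cli_start(xqc_demo_cli_user_conn_t *user_conn, xqc_demo_cli_client_args
 xqc_demo_cli_rebind_path1,
 user_conn);
 struct timeval tv = {
-.tv_sec = 3,
-.tv_usec = 0,
+.tv_sec = args->quic_cfg.path1_rebind_time / 1000,
+.tv_usec = (args->quic_cfg.path1_rebind_time % 1000) * 1000,
 };
 event_add(user_conn->ev_rebinding_p1, &tv);
 }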
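Review bot: The new `-e`/`-E` handlers in `xqc_demo_cli_parse_args` store `atoi(optarg)` straight into `path0_rebind_time`/`path1_rebind_time` with no validation, so a non-numeric argument silently becomes 0 and a negative one is converted to `xqc_msec_t` (presumably unsigned; its definition is not on this page) before `xqc_demo_cli_start` splits it into `tv_sec`/`tv_usec`. The status lines also still print the old fixed delays (`after 2s`, `after 3s`) although the delay is now caller-supplied. I would parse with `strtol`, reject anything that is not a non-negative integer, and print the parsed value; the same change applies to `case 'E'`. The function body starts and ends outside the visible hunks, and the `exit(1)` below stands in for whatever the file's other error branches do after printing usage.

```c
case 'e': {
    /* parse the delay strictly; atoi() cannot report errors */
    char *end = NULL;
    long delay_ms = strtol(optarg, &end, 10);
    if (end == optarg || *end != '\0' || delay_ms < 0) {
        printf("invalid rebinding delay for path0: %s\n", optarg);
        xqc_demo_cli_usage(argc, argv);
        exit(1);
    }
    printf("option rebinding path0 after %ld ms\n", delay_ms);
    args->net_cfg.rebind_p0 = 1;
    args->quic_cfg.path0_rebind_time = (xqc_msec_t)delay_ms;
    break;
}

/* … same parsing for case 'E' (path1_rebind_time); case 'O' unchanged … */
```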

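--- a/include/xquic/xquic.h
+++ b/include/xquic/xquic.h
@@ -72,7 +72,9 @@ typedef enum xqc_proto_version_s {
 
 #define XQC_RESET_TOKEN_MAX_KEY_LEN 256
 
-
+#define XQC_TOKEN_MAX_KEY_VERSION 4
+#define XQC_TOKEN_VERSION_MASK 3
+#define XQC_TOKEN_MAX_KEY_LEN 256
 /**
 * the max message count of iovec in sendmmsg
 */
@@ -417,6 +419,17 @@ typedef void (*xqc_conn_ready_to_create_path_notify_pt)(const xqc_cid_t *scid,
 typedef xqc_int_t (*xqc_conn_cert_cb_pt)(const char *sni,
 void **chain, void **crt, void **key, void *user_data);
 
+typedef void (*xqc_conn_ssl_msg_cb_pt)(int msg_type,
+const void *msg, size_t msg_len, void *user_data);
+
+/**
+* @brief to determine whether to send a retry packet
+* @return XQC_TRUE(1): meet condition to send a retry packet
+* XQC_FALSE(0): don't meet condition to send a retry packet or an error occurred while judging the condition
+*/
+typedef int (*xqc_conn_retry_packet_pt)(xqc_engine_t *engine, xqc_connection_t *conn,
+const xqc_cid_t *cid, void *user_data);
+
 /**
 * @brief multi-path create callback function
 *
@@ -703,6 +716,17 @@ typedef struct xqc_transport_callbacks_s {
 */
 xqc_conn_cert_cb_pt conn_cert_cb;
 
+xqc_conn_ssl_msg_cb_pt conn_ssl_msg_cb;
+/**
+* @brief check the conditions to send retry packet
+*/
+xqc_conn_retry_packet_pt conn_retry_packet_condition_check;
+/**
+* @brief server send packet before server accept the connection.
+* for example, retry packet is sent when the application layer connection has not been established,
+*/
+xqc_socket_write_pt conn_send_packet_before_accept;
+
 } xqc_transport_callbacks_t;
 
 
@@ -1165,6 +1189,11 @@ typedef struct xqc_config_s {
 
 /** for warning when the number of elements in one bucket exceeds the value of hash_conflict_threshold*/
 uint32_t hash_conflict_threshold;
+
+/* used to encrypt token */
+unsigned char token_key_list[XQC_TOKEN_MAX_KEY_VERSION][XQC_TOKEN_MAX_KEY_LEN];
+uint16_t tk_len_list[XQC_TOKEN_MAX_KEY_VERSION];
+uint8_t cur_tk_index; /* current used token key version */
 } xqc_config_t;
 
 
@@ -1261,6 +1290,11 @@ typedef struct xqc_conn_ssl_config_s {
 * certificate verify flag. which is a bit-map flag defined in xqc_cert_verify_flag_e
 */
 uint8_t cert_verify_flag;
+
+/**
+* ssl curve list (groups). If not set, xquic will use the default engine-level value.
+*/
+xqc_tls_group_type_t tls_groups;
 } xqc_conn_ssl_config_t;
 
 typedef struct xqc_linger_s {
@@ -1490,6 +1524,13 @@ typedef struct xqc_conn_settings_s {
 uint64_t receive_timestamps_exponent;
 
 uint8_t disable_pn_skipping;
+
+/* The client can specify its own scid or dcid. Default: 0 */
+uint8_t specify_client_scid;
+uint8_t client_scid[XQC_MAX_CID_LEN];
+uint8_t specify_client_dcid;
+uint8_t client_dcid[XQC_MAX_CID_LEN];
+
 } xqc_conn_settings_t;
 
 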
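Review bot: The token-key fields added to `xqc_config_t` hold secret key material, yet their only documentation is `/* used to encrypt token */`; nothing states that `cur_tk_index` must be below `XQC_TOKEN_MAX_KEY_VERSION`, that each `tk_len_list[i]` must not exceed `XQC_TOKEN_MAX_KEY_LEN`, or what the engine does when no key has been set. I would replace that comment with a doc block stating those bounds, who validates them, and how the keys are expected to be generated. `XQC_TOKEN_VERSION_MASK` is also a second hard-coded number that is only right while the key count stays 4; deriving it, `#define XQC_TOKEN_VERSION_MASK (XQC_TOKEN_MAX_KEY_VERSION - 1)`, with a note that the count must be a power of two, keeps the two in step. The code that consumes these fields is not visible in this section, so the validation may already exist elsewhere.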

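--- a/include/xquic/xquic_typedef.h
+++ b/include/xquic/xquic_typedef.h
@@ -229,6 +229,7 @@ typedef struct xqc_http_priority_s {
 uint8_t schedule;
 uint8_t reinject;
 uint32_t fec;
+uint8_t fastpath;
 } xqc_h3_priority_t;
 
 /* ALPN definition */
@@ -333,4 +334,17 @@ typedef enum {
 XQC_APP_PATH_STATUS_MAX,
 } xqc_app_path_status_t;
 
+typedef enum xqc_tls_msg_type_e {
+XQC_TLS_1_3_CLIENT_HELLO,
+XQC_TLS_1_3_SERVER_HELLO
+} xqc_tls_msg_type_t;
+
+typedef enum xqc_tls_group_type_e {
+XQC_TLS_GROUP_DEFAULT = 0,
+XQC_TLS_GROUP_P256_FIRST = 1,
+XQC_TLS_GROUP_X25519_FIRST = 2,
+XQC_TLS_GROUP_P384_FIRST = 3,
+XQC_TLS_GROUP_P521_FIRST = 4,
+} xqc_tls_group_type_t;
+
 #endif /*_XQUIC_TYPEDEF_H_INCLUDED_*/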
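Review bot: Both new enums and the `fastpath` member of `xqc_h3_priority_t` are added without a comment, and unlike `xqc_tls_group_type_e` directly below it, `xqc_tls_msg_type_e` leaves its values implicit. If these are the values delivered as `msg_type` to `xqc_conn_ssl_msg_cb_pt` in xquic.h (which takes a plain `int`), I would say so above the enum, e.g. `/* TLS handshake message kinds passed to xqc_conn_ssl_msg_cb_pt */`, and give the enumerators explicit values so they stay stable if another message type is inserted later. For `xqc_tls_group_type_e`, a one-line comment on what `_FIRST` means for the remaining groups (whether they stay offered or are dropped) would help callers choosing a key-exchange group.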

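--- a/scripts/case_test.sh
+++ b/scripts/case_test.sh
@@ -57,7 +57,8 @@ fi
 
 
 echo -e "server refuse ...\c"
-${CLIENT_BIN} -x 46 -t 10 >> stdlog
+${CLIENT_BIN} -x 46 -t 1 >> stdlog
+sleep 10
 result=`grep "conn close notified by refuse" slog`
 if [ -n "$result" ]; then
 echo ">>>>>>>> pass:1"
@@ -756,6 +757,29 @@ else
 fi
 rm -f test_session
 
+clear_log
+echo -e "retry packet send ...\c"
+killall test_server
+rm -f xqc_token
+${SERVER_BIN} -l d -e -x 601 > /dev/null &
+sleep 1
+result=`${CLIENT_BIN} -s 1024 -l d -t 1 -E --conn_options CBBR|grep ">>>>>>>> pass"`
+errlog=`grep_err_log`
+slog_res=`grep -E "<==.*xqc_conn_send_retry ok" slog`
+clog_res=`grep -E "packet_parse_retry" clog`
+#echo "$result"
+if [ -z "$errlog" ] && [ "$result" == ">>>>>>>> pass:1" ] && [ -n "$slog_res" ] && [ -n "$clog_res" ]; then
+echo ">>>>>>>> pass:1"
+case_print_result "retry_packet_send" "pass"
+else
+echo ">>>>>>>> pass:0"
+case_print_result "retry_packet_send" "fail"
+echo "$errlog"
+echo "$slog_res"
+echo "$clog_res"
+fi
+
+
 
 clear_log
 echo -e "server cid negotiate ...\c"
@@ -860,7 +884,6 @@ else
 echo "$errlog"
 fi
 
-
 clear_log
 echo -e "send 1K data ...\c"
 result=`${CLIENT_BIN} -s 1024 -l d -t 1 -E --conn_options CBBR|grep ">>>>>>>> pass"`
@@ -4922,4 +4945,4 @@ else
 case_print_result "ack_timestamp_frame_case_6" "fail"
 fi
 
-cd -
+cd -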

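--- a/scripts/xquic.lds
+++ b/scripts/xquic.lds
@@ -128,6 +128,7 @@ XQUIC_VERS_1.0 {
 xqc_reed_solomon_code_cb;
 xqc_xor_code_cb;
 xqc_packet_mask_code_cb;
+xqc_conn_set_init_idle_timeout;
 local:
 *;
 };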
